How to place orders automatically with the Taobao API: a worked example


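I. Preparation

  1. Register a developer account

    • Go to the Taobao Open Platform, register an account, create an application, and obtain its App Key and App Secret.

    • Request the permissions the flow needs:

      • Order management (taobao.trade.create, taobao.trade.fullinfo.get)
      • Item details (taobao.item.get)
      • Payment API (requires a separate permission request on the Alipay Open Platform)
  2. Configure the environment

    • Install the dependency:

      ```bash
      pip install requests
      ```

      hmac and hashlib are part of the Python standard library and need no installation; passing them to pip would make it look for third-party packages of the same names on PyPI.
    • Store sensitive values (such as APP_KEY and APP_SECRET) in environment variables.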

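II. OAuth 2.0 authorization flow

1. Obtain the authorization code (code)

Build the authorization URL and redirect the user to the Taobao authorization page:

```python
authorization_url = (
    "https://oauth.taobao.com/authorize?"
    "response_type=code&"
    "client_id=YOUR_APP_KEY&"
    "redirect_uri=YOUR_CALLBACK_URL&"
    "state=YOUR_STATE"
)
```
  • After the user grants authorization, Taobao redirects back to redirect_uri and returns the code parameter.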
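The URL above carries a state parameter, and its purpose is to let the callback handler confirm that the redirect answers an authorization this session started. The following is an added example, not code from the original article: it issues a random single-use state and checks it before the code is accepted. The `session` dict (standing in for a server-side per-user session store) and the helper names `begin_authorization` and `handle_callback` are assumptions.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

AUTHORIZE_ENDPOINT = "https://oauth.taobao.com/authorize"  # endpoint shown on this page


def begin_authorization(session, app_key, redirect_uri):
    """Issue a one-time state, remember it in the session, return the URL."""
    state = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
    session["oauth_state"] = state
    query = urlencode({
        "response_type": "code",
        "client_id": app_key,
        "redirect_uri": redirect_uri,  # urlencode percent-encodes the callback URL
        "state": state,
    })
    return f"{AUTHORIZE_ENDPOINT}?{query}"


def handle_callback(session, callback_url):
    """Return the code only if the callback carries the state issued to this session."""
    query = parse_qs(urlparse(callback_url).query)
    expected = session.pop("oauth_state", None)  # single use: a replayed callback fails
    received = query.get("state", [""])[0]
    # Constant-time comparison on bytes (compare_digest rejects non-ASCII str)
    if expected is None or not hmac.compare_digest(expected.encode(), received.encode()):
        raise PermissionError("state mismatch: callback was not started by this session")
    if "code" not in query:
        raise ValueError("callback carries no authorization code")
    return query["code"][0]
```

Only the value returned by `handle_callback` should be passed on to the token exchange in the next step.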

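2. Exchange the code for an access token

Use the code to obtain an access_token:

```python
import requests

def get_access_token(app_key, app_secret, code, redirect_uri):
    url = "https://oauth.taobao.com/token"
    params = {
        "grant_type": "authorization_code",
        "client_id": app_key,
        "client_secret": app_secret,
        "code": code,
        "redirect_uri": redirect_uri
    }
    # The credentials travel in the POST body; bound the wait and fail on HTTP errors
    response = requests.post(url, data=params, timeout=10)
    response.raise_for_status()
    body = response.json()
    if "access_token" not in body:
        # Do not echo the body in the error: it may carry token material
        raise RuntimeError("token endpoint returned no access_token")
    return body["access_token"]
```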

III. Core auto-ordering flow

1. Search for and select an item

Call the taobao.tbk.item.get API to search for the target item:

```python
import time
import requests

def search_item(app_key, app_secret, keyword):
    params = {
        "method": "taobao.tbk.item.get",
        "app_key": app_key,
        "timestamp": str(int(time.time())),
        "format": "json",
        "v": "2.0",
        # HMAC-SHA256, matching the digest used by generate_sign (section V)
        "sign_method": "hmac-sha256",
        "fields": "num_iid,title,price",
        "q": keyword
    }
    params["sign"] = generate_sign(params, app_secret)
    response = requests.get("https://gw.api.taobao.com/router/rest", params=params, timeout=10)
    # Take the first search result
    return response.json()["tbk_item_get_response"]["results"]["n_tbk_item"][0]
```

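2. Add to cart

Call the taobao.cart.add API to add the item to the cart:

```python
import time
import requests

def add_to_cart(app_key, app_secret, access_token, item_id):
    params = {
        "method": "taobao.cart.add",
        "app_key": app_key,
        "timestamp": str(int(time.time())),
        "format": "json",
        "v": "2.0",
        # HMAC-SHA256, matching the digest used by generate_sign (section V)
        "sign_method": "hmac-sha256",
        "session": access_token,
        "num_iid": item_id,
        "num": "1"
    }
    params["sign"] = generate_sign(params, app_secret)
    response = requests.post("https://gw.api.taobao.com/router/rest", data=params, timeout=10)
    # Surface HTTP failures instead of silently continuing to the order step
    response.raise_for_status()
```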

3. Submit the order

Call the taobao.trade.create API to submit the order:

```python
import time
import requests

def create_order(app_key, app_secret, access_token, item_id):
    params = {
        "method": "taobao.trade.create",
        "app_key": app_key,
        "timestamp": str(int(time.time())),
        "format": "json",
        "v": "2.0",
        # HMAC-SHA256, matching the digest used by generate_sign (section V)
        "sign_method": "hmac-sha256",
        "session": access_token,
        "buyer_nick": "test_user",
        "receiver_name": "张三",
        "receiver_address": "浙江省杭州市西湖区",
        "receiver_mobile": "13800000000",
        "cart_ids": item_id,
        "payment": "99.00"
    }
    params["sign"] = generate_sign(params, app_secret)
    response = requests.post("https://gw.api.taobao.com/router/rest", data=params, timeout=10)
    return response.json()
```

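4. Pay for the order

Call the Alipay API to complete payment (requires user authorization or a bound payment method):

```python
import json
import time
import requests

def pay_order(order_id):
    alipay_url = "https://openapi.alipay.com/gateway.do"
    params = {
        "app_id": "YOUR_ALIPAY_APP_ID",
        "method": "alipay.trade.page.pay",
        "charset": "utf-8",
        "sign_type": "RSA2",
        "timestamp": str(int(time.time())),
        "version": "1.0",
        "biz_content": json.dumps({
            "out_trade_no": order_id,
            "total_amount": "99.00",
            "subject": "商品标题",
            "product_code": "FAST_INSTANT_TRADE_PAY"
        })
    }
    # The request must be signed with the application's RSA2 private key and the
    # result sent as the "sign" parameter; Alipay's public key is only used to
    # verify what Alipay sends back. Without "sign" the gateway rejects the request.
    response = requests.post(alipay_url, data=params, timeout=10)
    return response.json()
```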

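IV. Error handling and logging

  1. Error code handling

    • Common error codes:

      • INVALID_APP_KEY: the application key is invalid; check the application configuration.
      • INVALID_SIGNATURE: the signature is wrong; check the signing algorithm.
      • FREQ_LIMIT_CONTROL: the call rate limit was exceeded; add a retry mechanism.
  2. Logging
    Record the request parameters, the response, and a timestamp for every API call, keeping credentials such as the session token and the signature out of the log file:

    ```python
    import logging
    # asctime puts the timestamp on every record
    logging.basicConfig(filename="auto_order.log", level=logging.INFO,
                        format="%(asctime)s %(levelname)s %(message)s")
    # Drop credentials before the parameters reach the log file
    safe_params = {k: v for k, v in params.items() if k not in ("session", "sign", "client_secret")}
    logging.info("Request: %s, Response: %s", safe_params, response.text)
    ```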

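V. Complete code for the worked example

```python
import os
import time
import requests
import hashlib
import hmac
import json

# get_access_token, search_item, add_to_cart, create_order and pay_order
# are the functions defined in sections II and III.

def generate_sign(params, app_secret):
    # TOP signing: sort the parameters by name, then concatenate each name and
    # value with no separator characters between them
    sorted_params = sorted(params.items())
    query = ''.join(f'{k}{v}' for k, v in sorted_params)
    # The digest must match sign_method: "hmac" is HMAC-MD5, "hmac-sha256" is HMAC-SHA256
    digest = {"hmac": hashlib.md5, "hmac-sha256": hashlib.sha256}[params["sign_method"]]
    sign = hmac.new(app_secret.encode(), query.encode(), digest).hexdigest().upper()
    return sign

def auto_place_order(app_key, app_secret, code, redirect_uri, keyword):
    # 1. Obtain the access token
    access_token = get_access_token(app_key, app_secret, code, redirect_uri)

    # 2. Search for the item
    item = search_item(app_key, app_secret, keyword)
    item_id = item["num_iid"]

    # 3. Add it to the cart
    add_to_cart(app_key, app_secret, access_token, item_id)

    # 4. Submit the order
    order_result = create_order(app_key, app_secret, access_token, item_id)
    order_id = order_result["trade_create_response"]["trade"]["tid"]

    # 5. Pay for the order
    pay_result = pay_order(order_id)
    return pay_result

# Example invocation
if __name__ == "__main__":
    # Read the credentials from the environment variables configured in section I
    app_key = os.environ["APP_KEY"]
    app_secret = os.environ["APP_SECRET"]
    code = "YOUR_AUTHORIZATION_CODE"
    redirect_uri = "YOUR_CALLBACK_URL"
    result = auto_place_order(app_key, app_secret, code, redirect_uri, "手机")
    print(result)
```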

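VI. Notes

  1. Permission limits: individual developers may be unable to obtain the order-placing permission; an enterprise qualification is required.
  2. Rate limits: the Taobao API enforces strict limits on call frequency (for example QPS=50); add retry and throttling mechanisms.
  3. Security risk: sensitive values (such as the App Secret and Access Token) must be stored encrypted to prevent leaks.
  4. Compliance: make sure the automated ordering behavior complies with Taobao platform rules, so that it does not trigger risk-control mechanisms.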
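The retry mechanism asked for under FREQ_LIMIT_CONTROL in section IV and the throttling asked for in note 2 can share one wrapper. This is an added example, not code from the original article: the `PacedCaller` class, the `ApiError` type and the `{"error_response": {"code": ...}}` response shape are assumptions, and `send` stands for any function that performs one signed request and returns the parsed JSON.

```python
import random
import time

RETRYABLE = {"FREQ_LIMIT_CONTROL"}  # the rate-limit code listed on this page


class ApiError(Exception):
    def __init__(self, code):
        super().__init__(code)
        self.code = code


def error_code(body):
    # Assumed shape: a failed call returns {"error_response": {"code": ...}}
    err = body.get("error_response")
    return None if err is None else str(err.get("code"))


class PacedCaller:
    """Spaces requests to stay under a QPS budget and retries rate-limit errors."""

    def __init__(self, qps=50, max_attempts=4, base_delay=0.5,
                 sleep=time.sleep, clock=time.monotonic):
        self.min_interval = 1.0 / qps
        self.max_attempts = max_attempts
        self.base_delay = base_delay
        self.sleep, self.clock = sleep, clock
        self._next_slot = 0.0

    def _pace(self):
        # Wait until the next free slot, then reserve the one after it
        now = self.clock()
        if now < self._next_slot:
            self.sleep(self._next_slot - now)
            now = self._next_slot
        self._next_slot = now + self.min_interval

    def call(self, send):
        """Exceptions raised by send() (timeouts, connection resets) are not
        retried: an order-creating call may already have been processed."""
        for attempt in range(1, self.max_attempts + 1):
            self._pace()
            body = send()
            code = error_code(body)
            if code is None:
                return body
            if code not in RETRYABLE or attempt == self.max_attempts:
                raise ApiError(code)  # key and signature errors fail immediately
            # Exponential backoff with jitter so parallel workers do not retry in lockstep
            delay = self.base_delay * 2 ** (attempt - 1)
            self.sleep(delay * (1 + random.random() / 2))
```

Because `send` is called again on each attempt, it should rebuild the timestamp and signature every time rather than resend a stored request.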

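With the steps above, automated ordering on top of the Taobao API can be implemented. In real development, adjust the parameters and the error-handling logic to your specific requirements.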